/**
 * Copyright (c) 2011-2016, Eason Pan(pylxyhome@vip.qq.com).
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.jcbase.controller.sys;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.apache.commons.collections4.CollectionUtils;

import com.jcbase.core.auth.anno.RequiresPermissions;
import com.jcbase.core.controller.JCBaseController;
import com.jcbase.core.model.Condition;
import com.jcbase.core.model.Operators;
import com.jcbase.core.pojo.ObjDetail;
import com.jcbase.core.util.CommonUtils;
import com.jcbase.core.util.IWebUtils;
import com.jcbase.core.util.MyDigestUtils;
import com.jcbase.core.view.InvokeResult;
import com.jcbase.model.SysConfig;
import com.jcbase.model.SysLoginRecord;
import com.jcbase.model.SysObj;
import com.jcbase.model.SysRole;
import com.jcbase.model.SysSite;
import com.jcbase.model.SysUser;
import com.jcbase.model.SysUserRole;
import com.jfinal.plugin.activerecord.Db;
import com.jfinal.plugin.activerecord.Page;
import com.jfinal.plugin.activerecord.Record;

/**
 * 系统对象管理
 * 
 * @author eason
 */

public class ObjController extends JCBaseController
{

	@RequiresPermissions(value = { "/sys/obj" })
	public void index()
	{
		render("obj_index.jsp");
	}

	@RequiresPermissions(value = { "/sys/obj" })
	public void add()
	{
		Integer id = this.getParaToInt("id");
		if (id != null)
		{
			this.setAttr("item", SysObj.me.findById(id));
		}
		this.setAttr("id", id);
		render("obj_add.jsp");
	}

	@RequiresPermissions(value = { "/sys/obj" })
	public void objAddUserView()
	{
		String ids = this.getPara("ids");
		this.setAttr("ids", ids);
		render("obj_add_user.jsp");
	}

	@RequiresPermissions(value = { "/sys/obj" })
	public void getPublicObjView()
	{
		String siteId = this.getPara("siteId");
		this.setAttr("siteId", siteId);
		render("obj_public.jsp");
	}

	@RequiresPermissions(value = { "/sys/obj" })
	public void getPublicObj()
	{
		int totalRow;
		int totalPage;

		StringBuilder sqlSel = new StringBuilder();
		StringBuilder sqlCount = new StringBuilder();
		StringBuilder sql = new StringBuilder();
		SysUser user = IWebUtils.getCurrentSysUser(getRequest());
		List<Record> Recordlist = new ArrayList<Record>();
		int siteId = this.getParaToInt("siteId");
		// 查找满足自己角色的对象
		sqlSel.append("select so.*,soc.id as collId,soa.id as shareId, sit.name as siteName ");
		sqlCount.append("select count(*) ");
		sql.append("from sys_obj so ");
		sql.append(" left join sys_obj_colletc soc on(soc.obj_id =so.id and soc.user_id = ");
		sql.append(user.getId() + ")");
		sql.append(" left join sys_obj_share soa on(soa.obj_id =so.id and soa.share_user_id = ");
		sql.append(user.getId() + ")");
		sql.append(" left join sys_site sit on sit.id = (select pid from  sys_site where id =so.site_id )");
		sql.append("  where sit.id = ");
		sql.append(siteId);
		Recordlist = Db.find(sqlSel.append(sql.toString()).toString());
		// 查找满足自己创建的对象
		List<Record> RecordCount = Db.find(sqlCount.append(sql.toString()).toString());
		totalRow = RecordCount.size();
		if (totalRow == 0)
		{
			totalPage = 1;
		}
		else
		{
			totalPage = totalRow / this.getRows() + 1;
		}

		List<ObjDetail> Objlist = new ArrayList<ObjDetail>();
		for (Record record : Recordlist)
		{
			ObjDetail objDetail = new ObjDetail();
			if (record.getInt("site_id") != null)
			{
				objDetail.setSiteId(record.getInt("site_id"));
			}
			objDetail.setOwnName(record.getStr("user_name"));
			objDetail.setSiteName(record.getStr("siteName"));
			objDetail.setId(record.getInt("id"));
			objDetail.setName(record.getStr("name"));
			objDetail.setLink(record.getStr("link"));
			objDetail.setParams(record.getStr("params"));
			objDetail.setSubject(record.getStr("subject"));
			objDetail.setType(record.getStr("type"));
			if (record.getLong("collId") != null)
			{
				objDetail.setColletc("已收藏");
			}
			else
			{
				objDetail.setColletc("未收藏");
			}
			if (record.getLong("shareId") != null)
			{
				objDetail.setShare("已分享");
			}
			else
			{
				objDetail.setShare("未分享");
			}
			Objlist.add(objDetail);
		}

		Page<ObjDetail> pageInfo = new Page<ObjDetail>(Objlist, this.getPage(), this.getRows(), totalPage, totalRow);
		user = SysUser.me.findById(user.getId());
		List<ObjDetail> ObjDetailList = pageInfo.getList();
		SysConfig host = SysConfig.me.findById(1);
		for (ObjDetail sysObj : ObjDetailList)
		{

			StringBuffer sb = new StringBuffer();
			sb.append("<a href = '#' onclick = \"forword('");
			sb.append(host.getValue());
			sb.append(sysObj.getLink());

			String common = user.getParams();
			if (common != null && !"".equals(common))
			{
				sysObj.setParams(common);
				String params[] = common.split(",");
				for (String param : params)
				{
					sb.append("&");
					sb.append(param);
				}
			}

			sb.append("')\">");
			sb.append(sysObj.getLink());
			sb.append("</a>");
			sysObj.setLink(sb.toString());
		}
		this.renderJson(SysObj.me.toJqGridView(pageInfo, 1));
	}

	@RequiresPermissions(value = { "/sys/obj" })
	public void objAddUser()
	{
		String userId = this.getPara("userId");
		String ids = this.getPara("ids");
		SysUser.insertShareObj(ids, userId);
		// 查询是否
		this.renderJson(InvokeResult.success());
	}

	@RequiresPermissions(value = { "/sys/obj" })
	public void getListData()
	{
		int totalRow;
		int totalPage;

		StringBuilder sqlSel = new StringBuilder();
		StringBuilder sqlCount = new StringBuilder();
		StringBuilder sql = new StringBuilder();
		SysUser user = IWebUtils.getCurrentSysUser(getRequest());
		List<SysUserRole> list = SysRole.me.getRole(getRequest());
		List<Record> Recordlist = new ArrayList<Record>();
		if (SysRole.me.checkIsAdmin(list))
		{

			sqlSel.append("select so.*,sit.name as siteName,");
			// 查询共享了多少人
			sqlSel.append("(select count(*) from sys_obj_share soa where soa.obj_id =so.id and soa.share_user_id = ");
			sqlSel.append(user.getId() + ") as shareId ,");
			// 查询收藏了多少人
			sqlSel.append("(select count(*) from sys_obj_colletc soc where soc.obj_id =so.id and soc.user_id =  ");
			sqlSel.append(user.getId() + ") as collId ");
			sqlCount.append("select count(*) ");
			sql.append("from sys_obj so ");
			sql.append(" left join sys_site sit on sit.id = so.site_id");

			Recordlist = Db.find(sqlSel.append(sql.toString()).toString());
			List<Record> RecordCount = Db.find(sqlCount.append(sql.toString()).toString());

			totalRow = RecordCount.size();
			if (totalRow == 0)
			{
				totalPage = 1;
			}
			else
			{
				totalPage = totalRow / this.getRows() + 1;
			}

		}
		else
		{
			// 查找满足自己角色的对象
			sqlSel.append("select so.*,sit.name as siteName ");
			// 查询共享了多少人
			sqlSel.append("(select count(*) from sys_obj_share soa where soa.obj_id =so.id and soa.share_user_id = ");
			sqlSel.append(user.getId() + ") as shareId ");
			// 查询收藏了多少人
			sqlSel.append("(select count(*) from sys_obj_colletc soc where soc.obj_id =so.id and soc.user_id =  ");
			sqlSel.append(user.getId() + ") as collId ");
			sqlCount.append("select count(*) ");
			sql.append("from sys_obj so ");
			sql.append(" left join sys_site sit on sit.id = so.site_id");
			// 获取自己角色有的
			sql.append(
					" where so.id in (select obj_id from sys_role_obj where role_id in (select role_id from sys_user_role where user_id =");
			sql.append(user.getId() + "))");
			// 获取自己创建的
			sql.append(" or user_name = ");
			sql.append("'" + user.getName() + "'");
			if (SysRole.me.checkIsSiteAdmin(list))
			{
				sql.append(" or so.site_id in ");
				sql.append("(" + user.getSiteId() + ")");
			}

			Recordlist = Db.find(sqlSel.append(sql.toString()).toString());
			// 查找满足自己创建的对象
			List<Record> RecordCount = Db.find(sqlCount.append(sql.toString()).toString());
			totalRow = RecordCount.size();
			if (totalRow == 0)
			{
				totalPage = 1;
			}
			else
			{
				totalPage = totalRow / this.getRows() + 1;
			}
		}
		List<ObjDetail> Objlist = new ArrayList<ObjDetail>();
		for (Record record : Recordlist)
		{
			ObjDetail objDetail = new ObjDetail();
			if (record.getInt("site_id") != null)
			{
				objDetail.setSiteId(record.getInt("site_id"));
			}
			objDetail.setOwnName(record.getStr("user_name"));
			objDetail.setSiteName(record.getStr("siteName"));
			objDetail.setId(record.getInt("id"));
			objDetail.setName(record.getStr("name"));
			objDetail.setLink(record.getStr("link"));
			objDetail.setParams(record.getStr("params"));
			objDetail.setSubject(record.getStr("subject"));
			objDetail.setType(record.getStr("type"));
			if (record.getLong("collId") != null && record.getLong("collId") > 0)
			{
				objDetail.setColletc("已收藏");
			}
			else
			{
				objDetail.setColletc("未收藏");
			}
			if (record.getLong("shareId") != null && record.getLong("shareId") > 0)
			{
				objDetail.setShare("已分享");
			}
			else
			{
				objDetail.setShare("未分享");
			}
			Objlist.add(objDetail);
		}

		Page<ObjDetail> pageInfo = new Page<ObjDetail>(Objlist, this.getPage(), this.getRows(), totalPage, totalRow);
		user = SysUser.me.findById(user.getId());
		List<ObjDetail> ObjDetailList = pageInfo.getList();
		SysConfig host = SysConfig.me.findById(1);
		for (ObjDetail sysObj : ObjDetailList)
		{

			StringBuffer sb = new StringBuffer();
			sb.append("<a href = '#' onclick = \"forword('");
			sb.append(host.getValue());
			sb.append(sysObj.getLink());

			String common = user.getParams();
			if (common != null && !"".equals(common))
			{
				sysObj.setParams(common);
				String params[] = common.split(",");
				for (String param : params)
				{
					sb.append("&");
					sb.append(param);
				}
			}

			sb.append("')\">");
			sb.append(sysObj.getLink());
			sb.append("</a>");
			sysObj.setLink(sb.toString());
		}
		this.renderJson(SysObj.me.toJqGridView(pageInfo, 1));
	}

	// 获取未分配的对象列表
	@RequiresPermissions(value = { "/sys/obj" })
	public void getNoGiveListView()
	{
		Integer siteId = this.getParaToInt("siteId");
		this.setAttr("siteId", siteId);
		render("no_give_list.jsp");
	}

	// 获取未分配的对象列表
	@RequiresPermissions(value = { "/sys/obj" })
	public void getNoGiveListData()
	{
		int totalRow;
		int totalPage;

		StringBuilder sqlSel = new StringBuilder();
		StringBuilder sqlCount = new StringBuilder();
		StringBuilder sql = new StringBuilder();
		SysUser user = IWebUtils.getCurrentSysUser(getRequest());
		List<SysUserRole> list = SysRole.me.getRole(getRequest());
		List<Record> Recordlist = new ArrayList<Record>();
		int siteId = this.getParaToInt("siteId");
		if (SysRole.me.checkIsAdmin(list))
		{

			sqlSel.append("select so.*,soc.id as collId,soa.id as  shareId, sit.name as siteName ");
			sqlCount.append("select count(*) ");
			sql.append("from sys_obj so ");
			sql.append(" left join sys_obj_colletc soc on(soc.obj_id =so.id and soc.user_id = ");
			sql.append(user.getId() + ")");
			sql.append(" left join sys_obj_share soa on(soa.obj_id =so.id and soa.share_user_id = ");
			sql.append(user.getId() + ")");
			sql.append(" left join sys_site sit on sit.pid = (select pid from  sys_site where id =so.site_id )");
			sql.append("  where ISNULL(so.user_name) or so.user_name='' ");
			sql.append("  and sit.id = " + siteId);

			Recordlist = Db.find(sqlSel.append(sql.toString()).toString());
			List<Record> RecordCount = Db.find(sqlCount.append(sql.toString()).toString());

			totalRow = RecordCount.size();
			if (totalRow == 0)
			{
				totalPage = 1;
			}
			else
			{
				totalPage = totalRow / this.getRows() + 1;
			}

		}
		else
		{
			// 查找满足自己角色的对象
			sqlSel.append("select so.*,soc.id as collId,soa.id as shareId, sit.name as siteName ");
			sqlCount.append("select count(*) ");
			sql.append("from sys_obj so ");
			sql.append(" left join sys_obj_colletc soc on(soc.obj_id =so.id and soc.user_id = ");
			sql.append(user.getId() + ")");
			sql.append(" left join sys_obj_share soa on(soa.obj_id =so.id and soa.share_user_id = ");
			sql.append(user.getId() + ")");
			sql.append(" left join sys_site sit on sit.pid = (select pid from  sys_site where id =so.site_id )");
			sql.append(" where 1=1 ");

			if (SysRole.me.checkIsSiteAdmin(list))
			{
				sql.append(" and so.site_id in ");
				sql.append("(" + user.getSiteId() + ")");
			}
			// 获取自己创建的
			sql.append(" and ISNULL(so.user_name)  ");

			Recordlist = Db.find(sqlSel.append(sql.toString()).toString());
			// 查找满足自己创建的对象
			List<Record> RecordCount = Db.find(sqlCount.append(sql.toString()).toString());
			totalRow = RecordCount.size();
			if (totalRow == 0)
			{
				totalPage = 1;
			}
			else
			{
				totalPage = totalRow / this.getRows() + 1;
			}
		}
		List<ObjDetail> Objlist = new ArrayList<ObjDetail>();
		for (Record record : Recordlist)
		{
			ObjDetail objDetail = new ObjDetail();
			if (record.getInt("site_id") != null)
			{
				objDetail.setSiteId(record.getInt("site_id"));
			}
			objDetail.setSiteName(record.getStr("siteName"));
			objDetail.setOwnName(record.getStr("user_name"));
			objDetail.setId(record.getInt("id"));
			objDetail.setName(record.getStr("name"));
			objDetail.setLink(record.getStr("link"));
			objDetail.setParams(record.getStr("params"));
			objDetail.setSubject(record.getStr("subject"));
			objDetail.setType(record.getStr("type"));
			if (record.getLong("collId") != null)
			{
				objDetail.setColletc("已收藏");
			}
			else
			{
				objDetail.setColletc("未收藏");
			}
			if (record.getLong("shareId") != null)
			{
				objDetail.setShare("已分享");
			}
			else
			{
				objDetail.setShare("未分享");
			}
			Objlist.add(objDetail);
		}
		user = SysUser.me.findById(user.getId());
		Page<ObjDetail> pageInfo = new Page<ObjDetail>(Objlist, this.getPage(), this.getRows(), totalPage, totalRow);
		pageInfo = changeBean(pageInfo, user);
		this.renderJson(SysObj.me.toJqGridView(pageInfo, 1));
	}

	@RequiresPermissions(value = { "/sys/obj" })
	public void getObjBySiteId()
	{
		int totalRow;
		int totalPage;
		String SiteId = this.getPara("siteId");
		StringBuilder sql = new StringBuilder();

		// 获取该节点下所有子节点
		List<SysSite> siteList = SysSite.me.find("select * from sys_site where pid = " + SiteId);
		String ids = "" + SiteId + ",";
		if (CollectionUtils.isNotEmpty(siteList))
		{
			for (SysSite sysSite : siteList)
			{
				ids = ids + sysSite.getId() + ",";
			}
		}

		ids = ids.substring(0, ids.length() - 1);
		// 查询总数
		sql.append(" select Count(*) ");
		sql.append("from sys_obj so");
		sql.append(" left join sys_site st on st.id = so.site_id ");
		sql.append(" where so.site_id in (");
		sql.append(ids + ")");
		totalRow = Db.find(sql.toString()).size();
		// 查询对象
		sql = new StringBuilder();

		sql.append(" select so.*,st.id as siteId,st.name as siteName ");
		sql.append("from sys_obj so");
		sql.append(" left join sys_site st on st.id = so.site_id ");
		sql.append(" where so.site_id in (");
		sql.append(ids + ")");
		List<Record> ObjList = Db.find(sql.toString());
		List<ObjDetail> list = new ArrayList<ObjDetail>();
		for (Record record : ObjList)
		{
			ObjDetail objDetail = new ObjDetail();
			objDetail.setSiteId(record.getInt("siteId"));
			objDetail.setSiteName(record.getStr("siteName"));
			objDetail.setId(record.getInt("id"));
			objDetail.setName(record.getStr("name"));
			objDetail.setLink(record.getStr("link"));
			objDetail.setParams(record.getStr("params"));
			objDetail.setSubject(record.getStr("subject"));
			list.add(objDetail);
		}

		if (totalRow == 0)
		{
			totalPage = 1;
		}
		else
		{
			totalPage = totalRow / this.getRows() + 1;
		}

		Page<ObjDetail> pageInfo = new Page<ObjDetail>(list, this.getPage(), this.getRows(), totalPage, totalRow);

		List<ObjDetail> objList = pageInfo.getList();
		SysUser user = IWebUtils.getCurrentSysUser(getRequest());
		SysConfig host = SysConfig.me.findById(1);
		for (ObjDetail sysObj : objList)
		{

			StringBuffer sb = new StringBuffer();
			sb.append("<a href = '#' onclick = \"forword('");
			sb.append(host.getValue());
			sb.append(sysObj.getLink());

			String common = user.getParams();
			if (common != null && !"".equals(common))
			{
				sysObj.setParams(common);
				String params[] = common.split(",");
				for (String param : params)
				{
					sb.append("&");
					sb.append(param);
				}
			}

			sb.append("')\">");
			sb.append(sysObj.getLink());
			sb.append("</a>");
			sysObj.setLink(sb.toString());
		}
		this.renderJson(SysObj.me.toJqGridView(pageInfo, 1));
	}

	/**
	 * 获取该对象信息
	 */
	@RequiresPermissions(value = { "/sys/obj" })
	public void getObjData()
	{
		String id = this.getPara("id");
		Page<SysObj> pageInfo = SysObj.me.getPage(this.getPage(), this.getRows(), "select * ",
				"from sys_Obj where id =" + id, this.getOrderby());
		this.renderJson(SysObj.me.toJqGridView(pageInfo));
	}

	@RequiresPermissions(value = { "/sys/obj" })
	public void delete()
	{
		String ids = this.getPara("ids");
		InvokeResult result = SysObj.me.delete(ids);
		this.renderJson(result);
	}

	@RequiresPermissions(value = { "/sys/obj" })
	public void objInfo()
	{
		Integer id = this.getParaToInt("id");

		String name = this.getPara("name");
		SysUser user = SysUser.me.findById(id);
		Set<Condition> conditions = new HashSet<Condition>();
		if (CommonUtils.isNotEmpty(name))
		{
			conditions.add(new Condition("name", Operators.LIKE, name));
		}
		List<SysUserRole> list = SysUserRole.me.find("select * from sys_user_role where user_id = " + user.getId());
		Page<SysObj> pageInfo;
		if (SysRole.me.checkIsAdmin(list))
		{
			pageInfo = SysObj.me.getPage(getPage(), this.getRows(), conditions);
		}
		else
		{
			pageInfo = SysObj.me.getPage(this.getPage(), this.getRows(), "select * ",
					"from sys_obj where id in (select obj_id from sys_role_obj where role_id in (select role_id from sys_user_role where user_id = "
							+ user.getId() + "))",
					this.getOrderby());
		}
		user = SysUser.me.findById(user.getId());

		this.renderJson(SysObj.me.toJqGridView(pageInfo));
	}

	@RequiresPermissions(value = { "/sys/obj" })
	public void save()
	{
		String name = this.getPara("name");
		String type = this.getPara("type");
		String link = this.getPara("link");
		Integer params = this.getParaToInt("params");
		Integer id = this.getParaToInt("id");
		Integer siteId = this.getParaToInt("siteId");
		SysUser user = IWebUtils.getCurrentSysUser(getRequest());
		InvokeResult result = SysObj.me.save(id, name, type, link, params, user.getName(), siteId);
		this.renderJson(result);
	}

	// api接口 获取用户权限内的对象
	@RequiresPermissions(value = { "/sys/obj" })
	public void queryObject()
	{
		getFile();
		String userName = this.getPara("userName");
		String password = this.getPara("passWord");
		// 用户登录校验
		SysUser sysUser = SysUser.me.getByName(userName);
		if (sysUser == null)
		{
			this.renderJson(InvokeResult.failure("用户不存在"));
			return;
		}
		if (SysLoginRecord.dao.hasOverLoginErrTimes(sysUser.getId()))
		{
			this.renderJson(InvokeResult.failure("今天连续输入密码错误次数超过5次"));
			return;
		}
		if (!sysUser.getPwd().equals(MyDigestUtils.shaDigestForPasswrod(password)))
		{
			SysLoginRecord.dao.saveSysLoginRecord(sysUser.getId(), 0);
			this.renderJson(InvokeResult.failure("用户密码输入有误"));
			return;
		}
		if (sysUser.getInt("status") == 2)
		{
			this.renderJson(InvokeResult.failure("用户被冻结，请联系管理员"));
			return;
		}
		// 用户校验成功

		Set<Condition> conditions = new HashSet<Condition>();
		List<SysUserRole> list = SysUserRole.me.find("select * from sys_user_role where user_id = " + sysUser.getId());
		Page<SysObj> pageInfo;
		if (SysRole.me.checkIsAdmin(list))
		{
			pageInfo = SysObj.me.getPage(getPage(), this.getRows(), conditions);
		}
		else
		{
			pageInfo = SysObj.me.getPage(this.getPage(), this.getRows(), "select * ",
					"from sys_obj where id in (select obj_id from sys_role_obj where role_id in (select role_id from sys_user_role where user_id = "
							+ sysUser.getId() + "))",
					this.getOrderby());
		}
		List<SysObj> objList = pageInfo.getList();
		List<Map<String, Object>> resultList = new ArrayList<Map<String, Object>>();

		if (CollectionUtils.isNotEmpty(objList))
		{
			for (SysObj sysObj : objList)
			{
				Map<String, Object> map = new HashMap<String, Object>();
				map.put("name", sysObj.getName());
				map.put("link", sysObj.getLink());
				map.put("id", sysObj.getId());
				map.put("type", sysObj.getType());
				map.put("create_time", sysObj.getCreateTime());
				resultList.add(map);
			}
		}
		this.renderJson(InvokeResult.success(resultList));
	}

	// api接口 获取用户权限内的对象
	@RequiresPermissions(value = { "/sys/obj" })
	public void openObjectById()
	{

		String userName = this.getPara("userName");
		String password = this.getPara("passWord");
		String ObjId = this.getPara("ObjId");
		// 用户登录校验
		SysUser sysUser = SysUser.me.getByName(userName);
		if (sysUser == null)
		{
			this.renderJson(InvokeResult.failure("用户不存在"));
			return;
		}
		if (SysLoginRecord.dao.hasOverLoginErrTimes(sysUser.getId()))
		{
			this.renderJson(InvokeResult.failure("今天连续输入密码错误次数超过5次"));
			return;
		}
		if (!sysUser.getPwd().equals(MyDigestUtils.shaDigestForPasswrod(password)))
		{
			SysLoginRecord.dao.saveSysLoginRecord(sysUser.getId(), 0);
			this.renderJson(InvokeResult.failure("用户密码输入有误"));
			return;
		}
		if (sysUser.getInt("status") == 2)
		{
			this.renderJson(InvokeResult.failure("用户被冻结，请联系管理员"));
			return;
		}
		// 用户校验成功，获取该用户下所有对象
		List<SysUserRole> list = SysUserRole.me.find("select * from sys_user_role where user_id = " + sysUser.getId());
		List<SysObj> objList;
		if (SysRole.me.checkIsAdmin(list))
		{
			objList = SysObj.me.find("select * from sys_obj where id = " + ObjId);
		}
		else
		{
			objList = SysObj.me.find("select * from sys_obj where id in "
					+ "(select obj_id from sys_role_obj where role_id in "
					+ "(select role_id from sys_user_role where user_id = " + sysUser.getId() + ")) and id = " + ObjId);
		}
		if (CollectionUtils.isNotEmpty(objList))
		{
			SysConfig host = SysConfig.me.findById(1);
			StringBuffer sb = new StringBuffer();
			SysObj sysObj = objList.get(0);
			sb.append(host.getValue());
			sb.append(objList.get(0).getLink());
			String common = sysUser.getParams();
			if (common != null && !"".equals(common))
			{
				sysObj.setParams(common);
				String params[] = common.split(",");
				for (String param : params)
				{
					sb.append("&");
					sb.append(param);
				}

				setAttr("url", sb.toString());
				render("openObjectById.jsp");
			}
		}
		else
		{
			this.renderJson(InvokeResult.failure("对象未找到"));
			return;
		}
	}

	public Page<ObjDetail> changeBean(Page<ObjDetail> pageInfo, SysUser user)
	{

		List<ObjDetail> objList = pageInfo.getList();
		SysConfig host = SysConfig.me.findById(1);
		for (ObjDetail sysObj : objList)
		{
			StringBuffer sb = new StringBuffer();
			sb.append("<a href = '#' onclick = \"forword('");
			sb.append(host.getValue());
			sb.append(sysObj.getLink());

			String common = user.getParams();
			if (common != null && !"".equals(common))
			{
				sysObj.setParams(common);
				String params[] = common.split(",");
				for (String param : params)
				{
					sb.append("&");
					sb.append(param);
				}
			}

			sb.append("')\">");
			sb.append(sysObj.getLink());
			sb.append("</a>");
			sysObj.setLink(sb.toString());
		}
		return pageInfo;
	}
}